Wednesday, June 16, 2010

After upgrading from SharePoint 2007 to 2010 we noticed that our custom job scheduler web part started throwing the following error:

"The SPPersistedObject, Microsoft.SharePoint.Administration.SPJobDefinition, could not be updated because the current user is not a Farm Administrator".

Since we were running the SPJobDefinition.Update() and related code under SPSecurity.RunWithElevatedPrivileges() I was under the impression that the code already ran as Farm Admin. After banging my head against the wall for a couple hours with no solution I decided to whip out my most trusted tool - Red Gate's Reflector - it never failed me before.

Upon detailed investigation of Microsoft.SharePoint.dll I discovered that SharePoint guys added a new security feature to all objects inheriting from SPPersistedObject in the Microsoft.SharePoint.Administration namespace. This feature explicitly disallows modification of the above stated objects from content web applications, which is where our web part is running. The error message thrown is therefore very misleading. After some more tracing through the code I found a property in SharePoint API which controls this behavior: